This article is for those looking for a detailed and clear guide on how to configure Exchange Server 2016.

You can read more about how to configure Exchange Server 2019 in my guide “Configure Exchange Server 2019”.

We will consider the case when you already have two servers with the Windows Server 2012 R2 operating system installed on them. In addition, one of the servers must have the Active Directory Domain Services role installed, and the second server must have Exchange Server 2016 installed.

You can read more about how to install Exchange Server 2016 in my guide “Install Exchange Server 2016 on Windows Server 2012 R2”. You can learn how to install Active Directory Domain Services on Windows Server 2012 R2 by reading “Install Active Directory Domain Services on Windows Server 2012 R2”.

Open the Exchange Admin Center control panel, which is located at the link https://ru-msk-ex-01/ecp, where ru-msk-ex-01 is the name of my Exchange server. Accordingly, you need to provide the name or IP address of your server.

Specify the username and password of an account with Exchange administrator rights and click on the “Sign in” button.

Configure Exchange Server 2016

Welcome to the “Exchange Administration Center”.

You can start working with the Exchange server.

Configure Exchange Server 2016

Let’s create a mailbox database.

In the “Servers” section, select the “Databases” subsection and click on the “+” button.

Configure Exchange Server 2016

Next, you need to specify a name for the new database and select an Exchange server with the “Mailbox” role.

Specify the name of the database and click on the “Browse” button.

Configure Exchange Server 2016

Select the Exchange server with the “Mailbox” role and click on the “OK” button.

Configure Exchange Server 2016

Now you need to specify in which folder the mailbox database and its logs will be stored.

Please note that you need to first create folders on the server in which you plan to store the database and its logs. In addition, it is better to store the database on a disk specially allocated for this task.

Configure Exchange Server 2016

In the “Database file path” field, specify the folder in which the database will be stored.

In the “Log folder path” field, specify the folder in which the database logs will be stored.

Check the “Mount this database” box and click on the “Save” button.

Configure Exchange Server 2016

Now you need to restart the Microsoft Exchange Information Store service on the Exchange server.

Click on the “OK” button.

Configure Exchange Server 2016

Open “Server Manager” on the server with Exchange Server 2016 installed, then click on the “Tools” button in the upper right corner of the screen and select “Services”.

Configure Exchange Server 2016

Right-click on the “Microsoft Exchange Information Store” service and select “Restart”.

Configure Exchange Server 2016

The service has restarted successfully and the new database is ready to go.

Next, in the “Servers” section, select the “Databases” subsection, then select a new database and double-click on it with the left mouse button.

Configure Exchange Server 2016

In the “Limits” section, you can configure the retention time for deleted mailboxes and letters.

Specify the required values and click on the “Save” button.

Configure Exchange Server 2016

Now let’s create a database for shared folders.

In the “Servers” section, select the “Databases” subsection and click on the “+” button.

Configure Exchange Server 2016

Specify a name for the shared folder database and click the Browse button.

Configure Exchange Server 2016

Select the Exchange server with the “Mailbox” role and click on the “OK” button.

Configure Exchange Server 2016

Now you need to specify in which folder the database for public folders and its logs will be stored. Please note that you need to first create folders on the server in which you plan to store the database and its logs. In addition, it is better to store the database on a disk specially allocated for this task.

Configure Exchange Server 2016

In the “Database file path” field, specify the folder in which the database will be stored.

In the “Log folder path” field, specify the folder in which the database logs will be stored.

Check the “Mount this database” box and click on the “Save” button.

Configure Exchange Server 2016

Now you need to restart the Microsoft Exchange Information Store service on the Exchange server.

Click on the “OK” button.

Configure Exchange Server 2016

Return to “Server Manager” on the server with Exchange Server 2016 installed, click on the “Tools” button in the upper right corner of the screen, and select “Services”.

Configure Exchange Server 2016

Right-click on the “Microsoft Exchange Information Store” service and select “Restart”.

Configure Exchange Server 2016

The service has restarted successfully and the new database is ready to go.

Configure Exchange Server 2016

Next, go to the “Public Folders” section.

In the “Public Folders” section, select the “Public Folder Mailboxes” subsection and click on the “+” button.

Configure Exchange Server 2016

Specify a name for the public folder mailbox and in the “Mailbox database” section click on the “Browse” button.

Configure Exchange Server 2016

Select the database for shared folders and click on the “OK” button.

Configure Exchange Server 2016

Nothing can be changed in the “Organization unit” section.

Click on the “Save” button.

Configure Exchange Server 2016

After the public folder mailbox is created, it appears under the Public Folder Mailboxes subsection.

Configure Exchange Server 2016

Now let’s add the trusted domain.

In the “Mail Flow” section, select the “Accepted Domains” subsection and click on the “+” button.

Configure Exchange Server 2016

In the “Name” and “Accepted Domain” fields, specify the domain that you want to add to the trusted ones, then select “Authoritative Domain: E-mail is delivered only to valid recipients in this Exchange organization”.

Click on the “Save” button.

Configure Exchange Server 2016

After the domain is added to the trusted ones, it will appear in the “Accepted Domains” section.

Configure Exchange Server 2016

Now you need to create a policy for generating mailing addresses.

In the “Mail Flow” section, select the “Email Address Policies” subsection and click on the “+” button.

Configure Exchange Server 2016

Next, you need to specify a name for the new policy and choose who it will be applied to, and then determine how mail addresses will be generated in your organization.

In this tutorial, mailing addresses will be based on “Alias”.

Specify a name for the policy for generating postal addresses and click the “+” button.

Configure Exchange Server 2016

Specify the main domain and select “alias@contoso.com”.

Click on the “Save” button.

Configure Exchange Server 2016

Now let’s add a second domain so that users can receive mail using the second domain name as well.

Click on the “+” button.

Configure Exchange Server 2016

Specify the second domain and select “alias@contoso.com”.

Click the “Save” button.

Configure Exchange Server 2016

After you have determined how mail addresses will be formed in your organization, click on the “Save” button.

Configure Exchange Server 2016

Pay attention to the warning. In order for the policy to take effect, you must click on the “Apply” button in the “E-mail Address Policies” subsection.

Configure Exchange Server 2016

After the policy is added, it will appear in the “E-mail Address Policies” subsection with the “Unapplied” status.

To apply a policy, select it and click on the “Apply” button.

Configure Exchange Server 2016

Next, a warning will appear stating that applying the policy may take a long time and you will not be able to perform other tasks while the policy is being applied.

Click on the “Yes” button.

Configure Exchange Server 2016

The policy for generating postal addresses has been successfully applied.

Click on the “Close” button.

Configure Exchange Server 2016

After the policy is applied, it will appear in the “E-mail Address Policies” subsection with the “Applied” status.

Configure Exchange Server 2016

Now you need to create a send connector: to be able to send mail outside the organization.

In the “Mail Flow” section, select the “Send Connectors” subsection and click on the “+” button.

Configure Exchange Server 2016

Specify a name for the new Send Connector and select “Internet” in the “Type” section.

Click on the “Next” button.

Configure Exchange Server 2016

In this example, mail will be sent according to MX records.

Select “MX record associated with recipient domain” and click on the “Next” button.

Configure Exchange Server 2016

Next, you need to specify for which domains the new connector will work.

Click on the “+” button.

Configure Exchange Server 2016

In the “Full Qualified Domain Name (FQDN)” field, enter “*”. This way, the new Send Connector will handle all domains except yours.

Click on the “OK” button.

Configure Exchange Server 2016

After you have specified for which domains the new connector will work, click on the “Next” button.

Configure Exchange Server 2016

Next, you need to specify on which Exchange server the Send connector will be created.

Click on the “+” button.

Configure Exchange Server 2016

Select the Exchange server on which the Send Connector will be created and click on the “OK” button.

Configure Exchange Server 2016

Everything is ready to create a send connector.

Click on the “Finish” button.

Configure Exchange Server 2016

Next, in the “Mail Flow” section, select the “Send Connectors” subsection, then select a new send connector and double-click on it with the left mouse button.

Configure Exchange Server 2016

In the “General” section of the “Maximum send message size (MB)” menu, you can configure the maximum size of mail attachments to be sent.

Configure Exchange Server 2016

Further, in the “Scoping” section, in the “Specify the FQDN this connector will provide in response to HELO or EHLO” field, specify the name by which your mail server is accessible from the Internet.

Click on the “Save” button.

Configure Exchange Server 2016

Now let’s see the transport settings.

In the “Mail Flow” section, select the “Send Connectors” subsection. Then click on the “…” button and select “Organization transport settings”.

Configure Exchange Server 2016

In the “Limits” section, you can configure the maximum size of mail attachments for sending and receiving.

Specify the required values and click on the “Save” button.

Configure Exchange Server 2016

Now you need to provide your Exchange Server 2016 license key.

In the “Servers” section, select the “Servers” subsection and click on the “Edit” button.

Configure Exchange Server 2016

In the “General” section, specify the Exchange Server 2016 license key and click on the “Save” button.

Configure Exchange Server 2016

Now you need to configure DNS records for the domain. To do this, you need to open a web browser and go to the control panel for external DNS records for your domain.

This tutorial uses “cPanel” to manage external DNS records for a domain.

Enter the login and password you received when purchasing hosting.

Configure Exchange Server 2016

In the “Domains” section, select the “Advanced DNS Zone Editor” item.

Configure Exchange Server 2016

Select the domain for which you want to configure DNS records.

Configure Exchange Server 2016

Let’s add an A record.

In the “Name” field, enter “mail”.

In the “TTL” field, enter “14400”.

In the “Type” field, select “A”.

In the “Address” field, indicate the IP address by which your mail server is accessible from the Internet and click on the “Add record” button.

Configure Exchange Server 2016

Let’s add one more A-record.

In the “Name” field, specify “autodiscover”.

In the “TTL” field, enter “14400”.

In the “Type” field, select “A”.

In the “Address” field, indicate the IP address by which your mail server is accessible from the Internet and click on the “Add record” button.

Configure Exchange Server 2016

Let’s add one more A-record.

In the “Name” field, enter “mx01”.

In the “TTL” field, enter “14400”.

In the “Type” field, select “A”.

In the “Address” field, indicate the IP address by which your mail server is accessible from the Internet and click on the “Add record” button.

Configure Exchange Server 2016

Next, you need to register MX records in the hosting control panel.

We return to the hosting control panel.

In the “Mail” section, select the “MX Record” item.

Configure Exchange Server 2016

Next, in the domain field, you must specify the domain for which the MX records will be configured. Then in the item “Email Routing” you need to select “Remote Mail Exchanger” and click on the “Change” button.

Configure Exchange Server 2016

Now delete all the old MX records in the MX Records section.

Select the entry and click on the “Delete” button.

Configure Exchange Server 2016

In the “Priority” field, enter “1”.

In the “Destination” field, specify the previously created A-record with the name “mx01” and click on the “Add New Record” button.

Configure Exchange Server 2016

Next, you need to make a request to your ISP to create a PTR record for your external IP address, where your mail server is accessible from the Internet. This is necessary in order for your IP address to resolve to a name. In this example, IP 188.244.46.91 is being converted to the name mail.vmkh.org.

Now you need to create an SPF (Sender Policy Framework) and write its value to the TXT record.

Thanks to SPF, you can check if the sender’s domain has been tampered with. SPF allows you to specify a list of servers capable of sending mail messages on behalf of your domain.

You can get the parameters for recording SPF using the SPF Wizard.

SPF example: v=spf1 mx ptr:mail.vmkh.org mx:mx01.vmkh.org ip4:188.244.46.91 -all

Return to the “Advanced DNS Zone Editor” section.

In the “Domains” section, select the “Advanced DNS Zone Editor” item.

Configure Exchange Server 2016

Next, in the domain field, you must specify the domain for which the A-records will be configured.

Configure Exchange Server 2016

Add TXT record.

In the “Name” field, specify the domain.

In the “TTL” field, enter “14400”.

In the “Type” field, select “TXT”.

In the “TXT Data” field, specify the SPF parameters obtained using the SPF Wizard and click on the “Add Record” button.

Configure Exchange Server 2016

Now you need to register the A-record on the internal DNS server.

Open “Server Manager” on the domain controller, then click on the “Tools” button in the upper right corner of the screen and select “DNS”.

Configure Exchange Server 2016

In the “Forward Lookup Zones” section, select the main domain and right-click on it, then select “New Host (A or AAAA)”.

Configure Exchange Server 2016

In the “Name (uses parent domain name if blank)” field, specify “Mail”.

In the “IP address” field, specify the IP address of the server on which Exchange Server 2016 is installed and click on the “Add Host” button.

Configure Exchange Server 2016

A record has been successfully added.

Click on the “OK” button.

Configure Exchange Server 2016

After the A-record is added, it will appear in the list with the rest of the records.

Configure Exchange Server 2016

For further configuration, you need a certification authority.

In this tutorial, the Active Directory Certificate Services role will be installed on a domain controller.

Go back to the “Server Manager” on the domain controller, then click on the “Manage” button in the upper right corner of the screen and select “Add Roles and Features”.

Configure Exchange Server 2016

Click on the “Next” button.

Configure Exchange Server 2016

Select the installation type “Role-based or feature-based installation” and click on the “Next” button.

Configure Exchange Server 2016

Next, select the server on which the role will be installed.

Click on the “Next” button.

Configure Exchange Server 2016

Select the Active Directory Certificate Services role.

Configure Exchange Server 2016

In the next step, the Role Installation Wizard will warn you that several components need to be installed to install the Active Directory Certificate Services role.

Click on the “Add Features” button.

Configure Exchange Server 2016

Click on the “Next” button.

Configure Exchange Server 2016

At the stage of adding components, we leave all the default values.

Click on the “Next” button.

Configure Exchange Server 2016

Next, the Role Installation Wizard invites you to learn more about the Active Directory Certificate Services role.

Click on the “Next” button.

Configure Exchange Server 2016

Now you need to select the required services.

We select “Certification Authority Web Enrollment”.

Configure Exchange Server 2016

In the next step, the Install Roles Wizard will warn you that several components need to be installed to install the Certification Authority Web Enrollment.

Click on the “Add Features” button.

Configure Exchange Server 2016

Next, select “Online Responder”.

Configure Exchange Server 2016

The Role Installation Wizard will warn you that several components need to be installed to install Online Responder.

Click on the “Add Features” button.

Configure Exchange Server 2016

After all the necessary services are selected, click on the “Next” button.

Configure Exchange Server 2016

In the next step, the Role Installation Wizard will warn you that the Internet Information Services webserver role will be additionally installed for the Active Directory Certificate Services role.

Configure Exchange Server 2016

At the stage of adding components, we leave all the default values.

Click on the “Next” button.

Configure Exchange Server 2016

In order to start the installation of the selected role, click on the “Install” button.

Configure Exchange Server 2016

The installation of the selected role and the components required for it began.

Configure Exchange Server 2016

Installation of the Active Directory Domain Services role is now complete.

Click on the “Close” button.

Configure Exchange Server 2016

Now you need to reboot the server.

On the keyboard, press the key combination “Win” and “x”, in the menu that opens, select “Shut down or sign out”, then “Restart”.

Configure Exchange Server 2016

Next, the server will start to reboot.

Configure Exchange Server 2016

Now you need to configure the role.

Open the “Server Manager”, in the upper right corner of the screen, click on the plug and select “Settings”. Then select “Configure Active Directory Certificate Services on the destination server” in order to configure the role.

Configure Exchange Server 2016

Click on the “Next” button.

Configure Exchange Server 2016

Next, you need to select the services that you want to configure.

Select “Certification Authority”, “Certification Authority Web Enrollment” and “Online Responder” and click on the “Next” button.

Configure Exchange Server 2016

The server is a member of the domain, so select “Enterprise CA” and click on the “Next” button.

Configure Exchange Server 2016

There are no other servers with the Active Directory Certificate Services role in the domain, so select “Root CA” and click on the “Next” button.

Configure Exchange Server 2016

Next, you need to create a new private key.

Select “Create a new private key” and click on the “Next” button.

Configure Exchange Server 2016

Next, you can select the cryptography settings.

Leave the settings unchanged and click on the “Next” button.

Configure Exchange Server 2016

Specify a name for the new certification authority and click on the “Next” button.

Configure Exchange Server 2016

Now we select the validity period of the certificate and click on the “Next” button.

Configure Exchange Server 2016

Next, you can specify where the certificate database and its logs will be stored.

Leave the settings unchanged and click on the “Next” button.

Configure Exchange Server 2016

Everything is ready to configure the role.

Click on the “Configure” button.

Configure Exchange Server 2016

The configuration for the Active Directory Certificate Services role has been completed successfully.

Click on the “Close” button.

Configure Exchange Server 2016

Now you need to enable the SAN (Subject Alternative Name) function on the CA server. This feature is useful when publishing the “Autodiscover” service.

On the certification authority server, on the “Taskbar”, right-click on “Windows PowerShell” and select “Run as administrator”.

Configure Exchange Server 2016

We enable the SAN function using the command:

certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2

Configure Exchange Server 2016

Now you need to restart the “CertSvc” service.

Stop the “CertSvc” service using the command:

net stop certsvc

Configure Exchange Server 2016

We start the “CertSvc” service using the command:

net start certsvc

Configure Exchange Server 2016

Service “CertSvc” restarted successfully.

Configure Exchange Server 2016

Now let’s make a request to create a new Exchange certificate.

We return to the Exchange Admin Center control panel.

In the “Servers” section, select the “Certificates” subsection and click on the “+” button.

Configure Exchange Server 2016

Select “Create a request for a certificate from a certification authority” and click on the “Next” button.

Configure Exchange Server 2016

Specify a name for the new certificate and click on the “Next” button.

Configure Exchange Server 2016

Then leave the settings unchanged and click on the “Next” button.

Configure Exchange Server 2016

Now you need to specify the Exchange server where the certificate request will be stored.

Click on the “Browse” button.

Configure Exchange Server 2016

Select the Exchange server where the certificate request will be stored and click on the “OK” button.

Configure Exchange Server 2016

After the Exchange server is specified, click on the “Next” button.

Configure Exchange Server 2016

Now you need to specify the domain names that need to be included in the certificate for all types of access.

Select “Outlook Web App (when accessed from the Internet)” and click on the “Edit” button.

Configure Exchange Server 2016

Specify the name by which your mail server is accessible from the Internet for the “Outlook Web App” access type, and click on the “OK” button.

Configure Exchange Server 2016

Select OAB (when accessed from the Internet) “and click on the” Edit “(Pencil) button.

Configure Exchange Server 2016

We indicate the name by which your mail server is accessible from the Internet for the “OAB” access type and click on the “OK” button.

Configure Exchange Server 2016

Select “Exchange Web Services (when accessed from the Internet)” and click on the “Edit” button.

Configure Exchange Server 2016

Specify the name by which your mail server is accessible from the Internet for the “Exchange Web Services” access type, and click on the “OK” button.

Configure Exchange Server 2016

Select “Exchange ActiveSync (when accessed from the Internet)” and click on the “Edit” button.

Configure Exchange Server 2016

Specify the name by which your mail server is accessible from the Internet for the “Exchange ActiveSync” access type, and click on the “OK” button.

Configure Exchange Server 2016

Select “POP” and click on the “Edit” button (Pencil).

Configure Exchange Server 2016

We indicate the name by which your mail server is accessible from the Internet for the “POP” access type, and click on the “OK” button.

Configure Exchange Server 2016

Select “IMAP” and click on the “Edit” button.

Configure Exchange Server 2016

Specify the name by which your mail server is accessible from the Internet for the “IMAP” access type, and click on the “OK” button.

Configure Exchange Server 2016

Select “Outlook Anywhere” and click on the “Edit” button.

Configure Exchange Server 2016

Specify the name by which your mail server is accessible from the Internet for the “Outlook Anywhere” access type, and click on the “OK” button. Then click on the “Next” button.

Configure Exchange Server 2016

Below is a list of domains that will be included in the certificate.

Click on the “Next” button.

Configure Exchange Server 2016

Next, you must specify the name of the organization, department, and geographic location of the company.

This guide deals with an organization located in Russia, in the city of Moscow.

We indicate the necessary information and click on the “Next” button.

Configure Exchange Server 2016

Now you need to specify the folder where the Exchange certificate request will be saved.

In this tutorial, the certificate request will be saved to the local “C” drive on the Exchange server.

Specify where the Exchange certificate request will be saved and click on the “Finish” button.

Configure Exchange Server 2016

After the certificate request is created, it will appear in the “Certificates” subsection with the “Pending request” status.

Configure Exchange Server 2016

Now you need to validate your Exchange certificate with a CA.

On the Exchange server, go to the link http://ru-msk-dc-01/certsrv, where ru-msk-dc-01 is the name of my certification authority server. Accordingly, you need to specify the name of your server.

We go under an account with administrator rights and click on the “OK” button.

Configure Exchange Server 2016

Now let’s add the address of the certification server to “Trusted sites”.

Click on the “Add” button.

Configure Exchange Server 2016

In the “Add this website to the zone” field, specify the address of the certification server and click on the “Add” button.

Configure Exchange Server 2016

Click on the “Close” button.

Configure Exchange Server 2016

Now select “Request a certificate”.

Configure Exchange Server 2016

Next, select “Advanced certificate request”.

Configure Exchange Server 2016

Now select “Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file”.

Configure Exchange Server 2016

Next, open “Explorer” and go to the local drive “C” where the Exchange certificate request was saved.

Click on the certificate request file twice with the left mouse button.

Configure Exchange Server 2016

Click on the “More option” button.

Configure Exchange Server 2016

We select “Notepad”.

Configure Exchange Server 2016

Copy the contents of the request file.

Configure Exchange Server 2016

Next, insert the contents of the request file into the “Saved Request” field, then in the “Certificate Template” section, select “Web Server” and click on the “Submit” button.

Configure Exchange Server 2016

In the “Save” menu, select “Save as”.

Configure Exchange Server 2016

Select “DER encoded” and click on the “Download certificate” button.

Configure Exchange Server 2016

Assign a name and save the Exchange certificate to the Downloads folder.

Click on the “Save” button.

Configure Exchange Server 2016

Now you need to download the certificate of the certification authority.

Click on the “Home” button in the upper right corner of the screen.

Select “Download a CA certificate, certificate chain, or CRL”.

Configure Exchange Server 2016

In the “Encoding method” section, select “DER” and click on the “Download CA certificate” button.

Configure Exchange Server 2016

In the “Save” menu, select “Save as”.

Configure Exchange Server 2016

We assign a name and save the certificate of the certification authority in the “Downloads” folder.

Click on the “Save” button.

Configure Exchange Server 2016

To successfully validate your Exchange certificate request, you must import the CA certificate into the Trusted Root Certification Authorities on the Exchange server.

Press “Start”, specify “mmc” in the search bar.

Launch Microsoft Management Console.

Configure Exchange Server 2016

Now let’s add the Certificates snap-in.

Next, in the “File” menu, select “Add/Remove Snap-in”.

Configure Exchange Server 2016

In the “Available snap-ins” section, select “Certificates” and click on the “Add” button.

Configure Exchange Server 2016

Next, select “Computer account” and click on the “Next” button.

Configure Exchange Server 2016

Select “Local computer” and click on the “Finish” button.

Configure Exchange Server 2016

The snap-in has been added successfully.

Click on the “OK” button.

Configure Exchange Server 2016

In the “Certificates (Local Computer)” section, select the “Trusted Root Certification Authorities” subsection, then right-click on the “Certificates” subsection and select “All Tasks”, then “Import”.

Configure Exchange Server 2016

Click on the “Next” button.

Configure Exchange Server 2016

Next, you need to specify the path to the certificate of the certification authority.

Click on the “Browse” button.

Configure Exchange Server 2016

Select the certificate of the certification authority and click on the “Open” button.

Configure Exchange Server 2016

After the path to the certificate of the certification authority is indicated, click on the “Next” button.

Configure Exchange Server 2016

Then leave the settings unchanged and click on the “Next” button.

Configure Exchange Server 2016

Everything is ready to import the certificate into the “Trusted Root Certification Authorities”.

Click on the “Finish” button.

Configure Exchange Server 2016

The CA certificate has been successfully imported.

Click on the “OK” button.

Configure Exchange Server 2016

We return to the Exchange Admin Center control panel.

In the “Servers” section, select the “Certificates” subsection. Then select the new Exchange certificate and click on the “Complete” button on the right.

Configure Exchange Server 2016

Next, you need to specify the path to the Exchange certificate.

Specify the path to the Exchange certificate and click on the “OK” button.

Configure Exchange Server 2016

After the certificate is confirmed, it will appear in the “Certificates” subsection with the “Valid” status.

Now you need to assign a new Exchange certificate for SMTP and IIS services.

Select a new certificate and double-click on it with the left mouse button.

Configure Exchange Server 2016

In the “Services” section, check the boxes for “SMTP”, “IMAP”, “POP”, and “IIS”, then click on the “Save” button.

Configure Exchange Server 2016

Next, a warning will appear asking you to overwrite the existing certificate for SMTP.

Click on the “Yes” button.

Configure Exchange Server 2016

After the Exchange certificate is assigned to the services, the list of services in the “Assigned to services” field is updated.

Configure Exchange Server 2016

Now let’s take a look at the Outlook Web App settings.

In the “Servers” section, select the “Virtual Directories” subsection and select the “owa (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2016

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/owa”.

Configure Exchange Server 2016

Now let’s configure user authorization by login without having to specify a domain.

In the “Authentication” section in the “Use forms-based authentication” section, select “User name only”.

Next, you need to select the main domain, click on the “Browse” button.

Configure Exchange Server 2016

Select the main domain and click on the “OK” button.

Configure Exchange Server 2016

After the domain is specified, click on the “Save” button.

Configure Exchange Server 2016

Next, a warning will appear asking you to restart IIS.

IIS will restart later.

Click on the “OK” button.

Configure Exchange Server 2016

Now let’s write the address where your mail server is accessible from the Internet into the Exchange server configuration.

In the “Servers” section, select the “Virtual Directories” subsection and select the “ecp (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2016

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/ecp”.

Click on the “Save” button.

Configure Exchange Server 2016

In the “Servers” section, select the “Virtual Directories” subsection and select the “EWS (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2016

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/EWS/Exchange.asmx”.

Click on the “Save” button.

Configure Exchange Server 2016

In the “Servers” section, select the “Virtual Directories” subsection and select the “mapi (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2016

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/mapi”.

Click on the “Save” button.

Configure Exchange Server 2016

In the “Servers” section, select the “Virtual Directories” subsection and select the “Microsoft-Server-ActiveSync (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2016

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/Microsoft-Server-ActiveSync”.

Click on the “Save” button.

Configure Exchange Server 2016

In the “Servers” section, select the “Virtual Directories” subsection and select the “OAB (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2016

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/OAB”.

Click on the “Save” button.

Configure Exchange Server 2016

In the “Servers” section, select the “Virtual Directories” subsection and select the “PowerShell (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2016

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/powershell”.

Click on the “Save” button.

Configure Exchange Server 2016

Now let’s configure the Outlook Anywhere service. This service is used to connect to the Exchange server via the Internet using “Outlook”.

In the “Servers” section, select the “Servers” subsection, select the Exchange server, and double-click on it with the left mouse button.

Configure Exchange Server 2016

Next, in the “Specify the external hostname such as contoso.com that users will use to connect to your organization” field, specify the name by which your mail server is accessible from the Internet. Then, in the “Specify the authentication method for external clients to use when connecting to your organization” menu, select “NTLM” and uncheck the “Allow SSL offloading” checkbox.

Click on the “Save” button.

Configure Exchange Server 2016

Pay attention to the warning.

Click on the “OK” button.

Configure Exchange Server 2016

Now let’s restart IIS.

On the Exchange server, on the “Taskbar” select “Windows PowerShell” and after clicking the right mouse button click on “Run as administrator”.

Configure Exchange Server 2016

Restart IIS using the command:

iisreset /noforce

Configure Exchange Server 2016

IIS restarted successfully.

Configure Exchange Server 2016

Now let’s configure the ability to receive mail.

In the “Mail Flow” section, select the “Receive Connectors” subsection, select the “Default Frontend RU-MSK-EX-01” receive connector, where ru-msk-ex-01 is the name of my Exchange server. Then click on it twice with the left mouse button.

Configure Exchange Server 2016

In the “General” section, in the “Maximum receive message size” field, you can configure the maximum allowable size of mail attachments for receiving.

Configure Exchange Server 2016

In the “Security” section, check for a checkmark on the “Anonymous users” item.

Click on the “Save” button.

Configure Exchange Server 2016

Now let’s create a new user with a mailbox.

In the “Recipients” section, select the “Mailboxes” subsection and click on the “+” button.

Configure Exchange Server 2016

Now we specify the alias, first and last name for the new user.

Then you need to select the organization unit in which you plan to create a new user.

Click on the “Browse” button.

Configure Exchange Server 2016

Select the OU in which you want to place the new user, and click on the “OK” button.

Configure Exchange Server 2016

In the “User logon name” field, specify the login for the new user.

Next, specify a strong password and click on the “More options” button.

Configure Exchange Server 2016

Now you need to select the database in which the mailbox for the new user will be created.

In the “Mailbox database” section, click on the “Browse” button.

Configure Exchange Server 2016

Select the mailbox database and click on the “OK” button.

Configure Exchange Server 2016

Everything is ready to create a user with a mailbox.

Click on the “Save” button.

Configure Exchange Server 2016

After the user with the mailbox is created, it will appear in the “Mailboxes” section.

Configure Exchange Server 2016

Now you need to import the Exchange certificate into Trusted Root Certification Authorities on all computers in the domain.

Go to the domain controller, create a folder and copy the Exchange certificate into it.

Configure Exchange Server 2016

In this tutorial, the certificate was copied to the “ExchangeCertificate” folder on the “C” drive.

Configure Exchange Server 2016

Go back to “Server Manager” on the domain controller, then click on the “Tools” button in the upper right corner of the screen and select “Group Policy Management”.

Configure Exchange Server 2016

Now let’s create a new Group Policy to import the certificate into Trusted Root Certification Authorities on all computers in the domain.

Right-click on the domain name and select “Create a GPO in this domain, and Link it here”.

Configure Exchange Server 2016

Specify a name for the new group policy and click on the “OK” button.

Configure Exchange Server 2016

Next, click on the new policy with the right mouse button and select “Edit”.

Configure Exchange Server 2016

In the Group Policy Editor, go to the “Computer Configuration” section, then to the “Windows Settings” subsection, then find the “Security Settings” section and select “Public Key Policies”, now right-click on “Trusted Root Certification Authorities” and select “ Import “.

Configure Exchange Server 2016

Click on the “Next” button.

Configure Exchange Server 2016

Next, you need to specify the path to the Exchange certificate.

Click on the “Browse” button.

Configure Exchange Server 2016

Go to the folder with the Exchange certificate and click on the “Open” button.

Configure Exchange Server 2016

After the path to the certificate is specified, click on the “Next” button.

Configure Exchange Server 2016

Then leave the settings unchanged and click on the “Next” button.

Configure Exchange Server 2016

Everything is ready to import the certificate into the “Trusted Root Certification Authorities” for all computers in the domain.

Click on the “Finish” button.

Configure Exchange Server 2016

The Exchange certificate has been successfully imported into Group Policy settings.

Click on the “OK” button.

Configure Exchange Server 2016

After the certificate is imported into Group Policy settings, it will appear in the “Trusted Root Certification Authorities” section.

The Exchange certificate will now be imported to all computers covered by this policy.

Configure Exchange Server 2016

Now you need to restart your mail server.

We return to the server with Exchange Server 2016 installed.

On the keyboard, press the key combination “Win” and “x”, in the menu that opens, select “Shut down or sign out”, then “Restart”.

Configure Exchange Server 2016

Vladimir Mikhalev
hey, I’m Vladimir Mikhalev, but my friends call me Valdemar. I have a lot of experience in the design and maintenance of various information systems.

Recent Posts